Court Documents Confirm CMU Paid By Government In Tor Attacks

District Judge Richard A. Jones has denied a motion to compel discovery filed by the lawyers of Brian Farrell, who is accused of being “DoctorClu”, one of the “key players” in Silk Road 2.0. The motion was filed in an attempt to find out how Farrell’s IP address was discovered.

According to the criminal complaint, Homeland Security Investigations (HSI) received a “lead” which ultimately led to the arrest of Brian Farrell.

“On July 30, 2014, HSI Seattle received a lead regarding one of these IP addresses, 67.182.142.24. According to Comcast records, the IP address resolved to an account maintained by a cooperating witness (“CW1”) at 4238 163rd Avenue SE, Bellevue, Washington 98006. Washington Department of Licensing records showed that two individuals maintained vehicles at that address, CW1 and BRIAN FARRELL. Over the next few months, agents observed multiple vehicles at the residence, including one belonging to FARRELL. Agents also observed FARRELL on one occasion outside the residence.”

In the denied motion to compel discovery, it is revealed that this “lead” was actually the Software Engineering Institute (SEI) of Carnegie Mellon University (CMU), which was apparently conducting research on Tor – research that was funded by the Department of Defense.

“The record demonstrates that the defendant’s IP address was identified by the Software Engineering Institute (“SEI”) of Carnegie Mellon University (CMU”) [sic] when SEI was conducting research on the Tor network which was funded by the Department of Defense (“DOD”). The government previously produced information to the defense that Farrell’s IP address was observed when SEI was operating its computers on the Tor network. This information was obtained by law enforcement pursuant to a subpoena served on SEI-CMU.”

The subpoena was served by the FBI, but it isn’t known how they knew research was being conducted on Tor.

Jones didn’t disclose how CMU discovered Farrell’s IP address, saying:

“The evidence before this Court indicates that SEI obtained the defendant’s IP address while he was using the Tor network and SEI was operating nodes on that network, and not by any access to his computer. For these reasons, any other discovery about the methodology or technique used to identify the defendant’s IP address is not material to his defense.”

The Tor Project criticized this in a statement made for journalists, which was published in a blog post: “It is clear that the court does not understand how the Tor network works.”

They ended the statement by reassuring everyone that Tor is still secure.

“The Tor network is secure and has only rarely been compromised. The Software Engineering Institute (“SEI”) of Carnegie Mellon University (CMU) compromised the network in early 2014 by operating relays and tampering with user traffic. That vulnerability, like all other vulnerabilities, was patched as soon as we learned about it. The Tor network remains the best way for users to protect their privacy and security when communicating online.”

Brian Farrell is being charged with conspiracy to distribute cocaine, heroin, and methamphetamine by virtue of his alleged operation as an administrator of Silk Road 2.0; his trial is set to begin on April 25.

2 comments

The actions of CMU, a prestigious University, show why the United States government can NOT be trusted, and neither can the leftist Academy. “Power corrupts and absolute power corrupts absolutely.” But, hey, THANK YOU CMU!!! Your efforts have only made the Tor Network BETTER and SAFER; free production testing, courtesy of the US government. But, you’re still cowardly liars CMU, who are unwilling to “stand in the light” for your data thieving actions. In this respect, you are even worse “than the worst” of the Deep Web, in that you refuse to even show who you are. In any case, no matter. But, lessons learned for the rest of you scalawags:

1) Use public anonymous Wi-Fi hotspots at ALL times; when scabs like CMU find their next exploit, the IP list that they hand over to the Feds will be WORTHLESS, and in time, even the Feds expect SOME return on their investment. Moving to a large city makes some sense in this regard; rent an apartment or house, if possible.

2) Use Tails with the HIGHEST security settings available in the Tor Browser and NEVER click on a suspicious link however “tempting” it may be! Treat EVERY Deep Web site as being compromised; eventually, your favorite site will be. It’s not a question of IF but WHEN.

3) Use FULL system encryption at all times in all places. You can still mount TrueCrypt containers using Tails (just see their documentation). Long passphrases (greater than 25 characters) with lower, Upper, special and punctuation characters are an ABSOLUTE must!

4) HIDE your encrypted system drives and containers, which means using some DECOYS. The Feds cannot decrypt that which they can NOT even find!!

5) Say NOTHING to anyone who would knock on your door (or, bust it down), except, of course, that you “Plead the 5th” and “want to speak with an attorney.” Rinse and repeat at least several times. Remember, the police are EXPERT liars, except in large numbers.

Clu(less) helped steal btc from all the sr2 userbase. I do not feel sorry for him at all. He also went by Ozmandius on the Hub. A mod. Which btw is run by another moron who doesn’t have a clue, Alfred aka Susan on the chat channel. Anyone involved with sr2 or the Hub deserves what they get. Users were earned multiple times.

Free Ross. Lock up Clu and the rest of the sr2 bums and throw away the key. Also bolo for Ace and the Scurvy Crew. They can’t get enough time in prison either. I hate scammers!!